Using the Exchange Server Remote Connectivity Analyzer Tool (Part 1)

The ExRCA Tool…

The current release of the tool is only for testing purposes and the tool basically has 5 (five) options:

Outlook 2007 Autodiscover connectivity test

Outlook 2003 RPC over HTTP connectivity test

ActiveSync Autodiscover test

ActiveSync test

Inbound SMTP e-mail test

As we can see most of the tool features were made to test Exchange Server 2007 however you can test RPC over HTTP which can be hosted in an Exchange Server 2003 box and also use the inbound SMTP e-mail test which can be used by any SMTP server.

In this article series we will go over each of these options and we will also validate the Exchange Server side for each configuration. The most important thing is to not just test the functionalities but also understand where you can configure it to get the proper result.

If you have any question about Exchange Server 2007 and web services configuration, I strongly recommend you read Configuring Exchange Server 2007 Web Services URLs, where you can find out how to configure services to use both internal and external URLs. In this article we are going to focus only on the external portion but in your company you must make sure that both internal and external clients are able to connect without any issues and SSL warnings.

Finally, this web tool was designed to test valid and invalid certificates. Each test has an option to bypass the certificate validation which means that if you are using internal PKI or a non-valid Certificate Authority you can continue using this tool to test.

Testing Microsoft Office Outlook 2007 Autodiscover Connectivity

There are a lot of questions about Autodiscover on the Microsoft Forums, here are some key points about the Autodiscover feature and some of them may answer questions that you may have during Exchange Server 2007 design and deployment:

Autodiscover is only used by Outlook 2007 and Windows Mobile 6.1.

Autodiscover works in different ways for Internal and External clients.

Any internal client that belongs to Active Directory is going to search for a Service Connection Point (SCP) in Active Directory to find out which CAS server is available to retrieve the Autodiscover URL.

Any external client or a client that is not able to query the Active Diretory for the SCP object will search a host record named autodiscover.<smtp domain>. Ex.: If your smtp address is user@company.com Outlook 2007 is going to search for autodiscover.company.com to retrieve the Autodiscover settings to apply in the current Outlook configuration.

Autodiscover DNS Records will be used for external clients which means that you should not add any autodiscover entry in your internal DNS because it is not going to be used.

As was written before, ExRCA is able to test only the external portion of Autodiscover and an external client tries 4 (four) different ways to get Autodiscover information, here are how an external client tries to connect in your Exchange organization from an external source:

Client tries to locate http://autodiscover.domain.com/autodiscover/autodiscover, in this case the client will use redirect method and a message will be displayed on the client side about the redirection. This scenario can be used in a hosted services scenario.

Finally, client tries the last resource which is to locate Autodiscover SRV Record (_autodiscover._tcp.domain.com). Outlook 2007 is going to search the SRV record and the certificate for the host specified in that SRV must be used. In this scenario the Outlook 2007 client must have at least Service Pack 1 installed or the hotfix that enables such feature which is not found in the RTM version of Outlook 2007.

Okay, let’s use ExRCA to figure out how our Autodiscover is working for external clients. First of all, let’s create a dummy account to be used in our future tests and as soon as you finish the tests this account can be removed.

In Account & Test Details section (Figure 02), make sure that you fill out the E-mail address, Domain\Username and Password fields. In the Verification section, type in the same letters that you have on the left picture and make sure that you check the box that confirm your acceptance of the agreement and click Perform Test.

Figure 02

ExRCA uses the same logic of the Outlook 2007 client to test the Autodiscover service and that is why so important to know how Outlook locates the Autodiscover service. On the top of the page we will see a big Red (unsuccessful) or green (successful) icon and under this icon we can expand Test Steps twice and we will see in detail which methods were used by ExRCA to find the Autodiscover information.

In this example we can validate that under the second Test Steps we have two entries, the first one failed because it was looking for https://ccc.ca/Autodiscover/Autodiscover.xml and this address is not published in my domain and the second one (Figure 03) was fine and https://autodiscover.ccc.ca/autodiscover/autodiscover.xml was found.

Figure 03

We can also use the tool to track all steps performed in order to figure out which Autodiscover method is being in use. The first attempt was not successful because the host was not found. Using the tool we can look in detail at what was tested by the tool and if the tool was successful or not in each task, as shown in Figure 04 and also described below:

ExRCA found the host autodiscover.ccc.ca, we can also use the tool to see what IP Address was resolved. If the Firewall rule is configured wrongly we can validate that the DNS record is right but the publishing rule must be configured properly.

ExRCA tests the 443 port for the host found in the previous step.

ExRCA validates that the certificate matches the name autodiscover.ccc.ca

ExRCA retrieves the XML file which contains all the configuration necessary for Outlook 2007, and in within this data the Outlook client will be able to access another Exchange web services, such as: Availability, OAB, and UM.

Figure 04

Okay, now that we know that the autodiscover service is working and any Outlook 2007 outside will be able to get the webservices URLs used by Exchange Server, we can move on and in the next article we are going to test if Outlook Anywhere is working properly and also the other tests of the tool.

Conclusion

In this first article we saw how to validate the autodiscover services using a web-based tool (ExRCA) and also how Outlook 2007 locates autodiscover to retrieve Outlook Anywhere and webservices information without user intervention.

In the next article we are going to continue in the Autodiscover test but will also test Outlook Anywhere and the others available ExRCA tests.